Now this is one of the most interesting security articles I have read for some time. Basically it describes how to set up a kernel 2.2 Linux system to perform packet filtering and NAT in a halted state -- that is, runlevel 0! No processes running, no mounted disks! Hard to believe. This is an article from Sys Admin magazine and I have checked the reference to the Firewalls list thread so it appears kosher. Apparently it works because even in a halted state the kernel is still loaded in memory. Makes it kinda hard to hack though. Has anyone tried this? I wonder if it would work for 2.4 kernels and IP Tables?
http://www.samag.com/documents/s=1824/sam0201d/0201d.htm

-- regards, Kerry.
